Security Systems and Devices

05/18/2015

CAREFUL WHAT YOU leave in your lockers, high school students and gym-goers. An invasion of 3-D printed robots may be coming, capable of popping one of the world’s most ubiquitous brands of combination locks in as little as half a minute.

On Thursday, well-known hacker Samy Kamkar published on his website the blueprint and software code for a 3-D-printable Arduino-based lock-opening robot he calls the “Combo Breaker.” Attach it to any of millions of Master Lock combination locks, turn it on, and it can take advantage of a Master Lock security vulnerability Kamkar recently discovered to open the lock in a maximum of five minutes with no human interaction. Kamkar says.

“The machine pretty much brute-forces the lock for you. You attach it, leave it, and it does its thing.”

In fact, the Combo Breaker is programmed to do far better than a mere brute-force attack. It takes advantage of a mathematical trick Kamkar revealed last month that allows anyone—with a little practice—to find the combination of a low-end Master Lock combination lock in only eight tries. That technique takes advantage of a manufacturing flaw: when the U-shaped shackle of one those combination locks is pulled while its rotor is turned, the cracker can feel resistance on certain numbers that help to reveal the position of the “combination disks” that determine the combination that opens the lock. In combination with some restrictions in possible combinations that Kamkar mathematically deciphered and encoded in a web-based tool, Kamkar exploited that information leak to cut out all but a few possible combinations. The resulting manual technique is easy enough—writers at Ars Technica who tested it, for instance, were mostly able to pull it off after a couple of tries.

The Combo Breaker goes even further, automating the process with zero skill or practice required from the user. But a Master Lock cracker willing to learn just one step in the process can also give the Combo Breaker a manual head start by merely turning a target lock’s rotor while tugging the shackle to find the first number that offers resistance and starting the robot at that position. Doing that, Kamkar says, enables his device to then crack a Master Lock combination in just 30 seconds. Kamkar explains.

“Without doing any work, this can open the lock entirely automatically in 80 combinations. If you do that one little test first, it can crack the lock in eight combinations or less.”

Kamkar’s robot consists of little more than a stepper motor, an Arduino chip that runs his cracking algorithm, a lever to pull the shackle, a rotor with a 3-D printed attachment to the lock’s face, and an optical sensor that tracks the location of the lock’s dial as it turns. All together, he says he built his prototype for less than $100. Here’s Kamkar’s video breakdown of the robot’s creation:

Master Lock didn’t immediately respond to WIRED’s request for comment. But Kamkar says his cracking technique is likely no major surprise to the lock maker, nor should it necessarily register as a serious security crisis. Master Lock gives its locks a 1-to-10 security rating displayed on its packaging, and the locks he tested were all rated 3. He says.

“The moral is pretty simple. If you’re trying to protect valuables in a storage locker, you should probably be using a better lock.”

In fact, Kamkar’s method builds off a trick that’s been known for years that reduces the number of possible combinations of those cheap Master Lock locks from 64,000 to just 100. Kamkar’s original goal was to build his robot to automate that tedious one-hundred-combination guessing. But when he drilled off the back of the locks to learn more about how they work, he soon discovered his own additional trick that further honed the attack, vastly reducing his robot’s cracking time. (Watch Kamkar explain the technical details of that technique here.)

Kamkar says his goal in freely releasing the plans for the Combo Breaker was mostly to foster hacker experimentation and share his own enjoyment of what he describes as “James Bond”-style gadgetry. But he also hopes to teach the public that their low-end combination locks are laughably insecure. Kamkar says.

“Security people know about this, but the general public doesn’t. I try to build things that are interesting to a general audience. And I hope getting this out there helps people make better decisions about the locks they use.”

COMMENTARY: California's Penal Code 466 PC makes it a misdemeanor (punishable by six months in jail and a $1,000 fine) to have in your possession burglary tools with intent to commit a crime. However, if you can prove otherwise, you will not be cited. I am not trying to be a kill-joy, but I wonder if Kamkar knows that he might be helping burglars find it easier to commit burglary's by using his "combo breaker" on victims.

Not being mechanically inclined, I would probably find it difficult to build a combo breaker of my own, no matter how easy the DIY instructions were. A far easier, and less costly contraption would be this:

I haven't actually tried the latter method for opening combination locks, but it certainly appears to be far simpler, and less costly than Kamkar's combo breaker. Comments?

07/12/2014

With biometric security like EyeVerify's Eyeprint scanner, you may never need to remember another password again.

EyeVerify is a start-up company in the Kansas City Startup Village, working on innovative biometric security for smartphones and tablets. The software scans the eyes of the user in place of a password, and if it's not the right person, the software won't open.

Biometric security means a physical characteristic is used to identify the right person. This could be something like a fingerprint, handprint, voice analysis, or eye scan.

Chris Barnett, the EVP of Sales and Marketing for EyeVerify, said.

"It actually is equal to a 50-character complicated password - which obviously no human would ever use or remember."

Barnett said many security issues come from people using simple passwords that are easy to guess, or forgetting longer passwords and constantly needing to reset.

EyeVerify hopes its software can fix some of what it calls "password pain."

The software uses the camera already in the smartphone to snap a picture. It looks for vein patterns in the whites of the eyes, which are unique just like fingerprints. Barnett said there is a two-in-one-hundred-thousand chance of someone being able to fake their way into the software.

Click Image To Enlarge

People with bloodshot eyes can still use the software without problem.

Toby Rush, the CEO of EyeVerify, said.

"You can have allergies, you can have hay fever, you could be out late the night before, drinking the night before, you could live in California and use medicinal marijuana, all those things don't change the pattern of blood vessels, they simply make them bigger."

Barnett said that more employees use their smartphones to access company information than ever before. That opens up security problems for companies and also can cause frustration in IT departments when employees continually lose or forget their passwords.

Barnett said.

"With our technology, big companies can just eliminate all that password pain for themselves and their employees and be absolutely sure this really is an employee."

One of the first U.S. companies to feature EyeVerify software on their app is mobile security provider Good Technology. Employees in finance, healthcare, military and government groups use their technology to access email, calendars, project schedules and contact information.

EyeVerify said it hopes to sell its software to banks, which would use the eye scanner in their mobile apps. EyeVerify believes this would make mobile banking much more secure and ensure that the apps are not easy to break into if the phone is stolen.

COMMENTARY: The EyeVerify app is available for FREE downloading from the Apple iTunes Store and Google Play (4.7 stars) for iOS and Android devices respectively.

06/02/2014

Today, federal officialsannounced new charges against the GameOver Zeus botnet, together with coordinated seizures that appear to have stopped the network cold. GameOver Zeus infected as many as a million Windows computers, harvesting user credentials and executing fradulent wire transfers.

Today's federal complaint named Russia's Evgeniy Mikhailovich Bogachev as mastermind of the network, tracked down with the help of law enforcement agencies across eleven countries.

"Gameover Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt. The efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement, and within the US government."

GameOverZeus would use sophisticated attacks to harvest confidential information once computers were infected. Where a banking site might normally ask for a username and password, the malware could add extra fields for social security number and credit card information, inserted seamlessly into the page's layout. Once the attackers had enough data, they would strike with an unauthorized wire transfer. The federal complaint names four such attacks, ranging from $190,000 stolen from an assisted living facility, all the way up to $7 million stolen from a regional bank in northern Florida. According to the Justice Department, the total damage inflicted by GameOver totals more than $100 million.

The botnet also raised money through Cryptolocker an attack that would encrypt a computer's hard drive, demanding a ransom to unlock the data. For those that didn't pay, data-recovery costs reached as high as $80,000. Researchers say the botnet has been operational since October of 2011, but used a complex P2P mechanism to cover its tracks, making it difficult to track down before now. Strong encryption also disguised the location of the master servers. US assistant attorney general Leslie Caldwell said in a statement to the press.

"These schemes were highly sophisticated and immensely lucrative. The cyber criminals did not make them easy to reach or disrupt."

COMMENTARY:GameOver Zeus is an extremely sophisticated type of malware designed specifically to steal banking and other credentials from the computers it infects. It’s predominately spread through spam e-mail or phishing messages.

Unbeknownst to their rightful owners, the infected computers become part of a global network of compromised computers known as a botnet—a powerful online tool that cyber criminals can use for their own nefarious purposes. In the case of GameOver Zeus, its primary purpose is to capture banking credentials from infected computers, then use those credentials to initiate or re-direct wire transfers to accounts overseas that are controlled by the criminals. Losses attributable to GameOver Zeus are estimated to be more than $100 million.

Unlike earlier Zeus variants, GameOver has a decentralized, peer-to-peer command and control infrastructure rather than centralized points of origin, which means that instructions to the infected computers can come from any of the infected computers, making a takedown of the botnet more difficult. But not impossible.

Officials announced that in addition to the criminal charges in the case, the U.S. obtained civil and criminal court ordersin federal court in Pittsburgh authorizing measures to sever communications between the infected computers, re-directing these computers away from criminal servers to substitute servers under the government’s control.

The orders authorize the FBI to identity the IP addresses of the victim computers reaching out to the substitute servers and to provide that information to Computer Emergency Readiness Teams (CERTs) around the world, as well as to Internet service providers and other private sector parties who are able to assist victims in removing GameOver Zeus from their computers.

Important note: No contents of victim communications are captured or accessible in the disruption process.

In a related action announced today, U.S. and foreign law enforcement officials seized Cryptolockercommand and control servers. Cryptolocker is a type of ransomware that locks victims’ computer files and demands a fee in return for unlocking them. Computers infected with Cryptolocker are often also infected with GameOver Zeus.

Evgeniy Bogachev, added to the FBI’s Cyber’s Most Wanted list, was identified in court documents as the leader of a gang of cyber criminals based in Russia and the Ukraine responsible for the development and operation of both the GameOver Zeus and Cryptolocker schemes.

The actions to take down GameOver Zeus were truly collaborative. FBI Executive Assistant Director Robert Anderson said.

“GameOver Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt. The efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement, and within the U.S. government.”

05/10/2014

ON THE STREET OR ON FACEBOOK, FACIAL RECOGNITION CAMERAS ARE POINTED YOUR WAY NON-STOP. ONE ARTIST WANTS TO LEND YOU HIS FACE TO PROTECT YOURS.

The city of Chicago monitors its citizens through ~25,000 surveillance cameras--what the ACLU has deemed a “frightening number.” These cameras connect to facial recognition software and government databases to reveal your identity. In 2013, Chicago police flexed the muscles of this system for the first time, and used it to identify and arrest a suspected purse snatcher.

Even to law-abiding citizens, that volume of cameras is overkill. In response, Chicago artist Leo Selvaggio hasoffered his own face to shield people's identities--from everyday pedestrians to active protesters--whether they’re in a public urban space or just shooting selfies for Facebook.

Click Image To Enlarge

In an Indiegogo project dubbed URME (phonetically, “you’re me”), Selvaggio offers three ways to buy his face, all sold at cost. The first is as a photorealistic, 3-D printed and hand-painted prosthetic mask. At a glance, it appears real to cameras and people alike.

Click Image To Enlarge

A second, “economic” option is a DIY paper mask kit. You can cut out Selvaggio’s visage from a sheet of paper, then stick it on your own face. No one will be fooled, but that’s not really the point. Here, Selvaggio’s face serves more as a Guy Fawkes mask--the mask of choice for hacker collective Anonymous. It’s an overt refusal to be recognized, and a visual icon that's recognized by many protesters. But facial recognition cameras, often working from low-resolution camera feeds, will just ID you (or your throng of people) as Selvaggio himself.

Click Image To Enlarge

The third mask doesn’t live in the real world at all. It’s a piece of open-source software that uses augmented reality to stick Selvaggio’s face onto faces in a video feed, shielding you from such platforms as Facebook’s powerful facial recognition. (Ignore the fact that Facebook can probably triangulate who is in your crazy protest video by analyzing the viewing and share patterns of its multi-billion-person social network.)

Selvaggio’s masks make a point, even if they're an imperfect solution to an increasingly stifling surveillance infrastructure. In the best-case scenario, his masks become the face of protest across the world. Of course, that teaches our surveillance systems to pay close attention to whomever is obfuscating his or her own face with Selvaggio’s mug.

What would be interesting, and more importantly, scalable, would be if hundreds of thousands of people offered their faces for Selvaggio’s platform, allowing citizens to swap faces at will. It would build so much margin for error into these automated surveillance systems that they could become reasonably useless. But then again, I’m not sure that hopping on the El with someone else’s face each day really feels like freedom.

COMMENTARY: As a strong supporter of freedom from surveillance, I'm sold on the URME Anti-Surveillance Mask, as a way to put one over on Big Brother, the NSA, FBI, major airport and local law enforcement agencies everywhere. We are constantly being watched, photographed and videotaped, and it has completely gotten out of control. The social networks, including Facebook, Twitter and Google, are all cooperating with both local, state and federal law enforcement agencies and the Department of Homeland Security to protect us from terrorists and criminals, but lost in all of this is our individual rights against being watched like we are criminals ourselves. Our faces are now stored on video tapes and photo images taken wherever we travel or visit. I am glad that Leo Salvaggio thought of a way to curtail these infrigements on our individual freedom.

01/07/2014

THE DOORBELL IS GETTING MADE OVER AS A DIGITAL DOORMAN AND SURVEILLANCE CAMERA.

Unless you live in a doorman building or your house is located in a theft-free neighborhood, the downside of online shopping--especially during the holidays--is the fear that your packages might get swiped. For most of us, the new DoorBot is the doorman-slash-security-camera we've always wanted. Sleek and wireless, it easily attaches to your home and uses low-voltage Wi-Fi to beam live video of whoever rings your doorbell directly to your phone so you can see who’s there and communicate with them intercom-style.

The Doorbot package includes all the necessary components and an easy-to-read installation manual (Click Image To Enlarge

"Usually, when I tell my wife about my invention ideas, she correctly tells me they are bad. Then one night I showed her my idea for the DoorBot, and she told me that I did not just reinvent the doorbell, but I gave her the feeling of having gates on the house for a fraction of the price. Now when I travel, she can answer the door from a comfortable, safe area in the house."

With that vote of confidence, he and his team--including several people who helped him create PhoneTag, a pioneering service in 2005 that transcribes voicemails into emails and text messages--got to work, figuring out how to pack a full-featured product into a small ABS plastic box, and make it simple to install and use. They successfully raised more than $250,000 via crowdfunding site Christie Street late last year, went into production, began shipping units earlier this month, and are on pace to sell $7 million in units this year. Siminoff says that beyond raising capital, the process served to refine his invention, challenging the team to make it everything his customers needed it to be.

Doorbot device allows your to see and speak with visitors at your front door through a mobile app that installed on your smartphone (Click Image To Enlarge)

He explains.

"Using crowdfunding for a product definitely impacts the overall process that we went through in bringing DoorBot to market. We received immediate feedback from passionate customers prior to the product ever reaching the shelves. The result is that we were able to design and manufacture a product that is much more appealing to the market right at launch than a typical version one product."

That's good news for those looking to automate their homes. Installing a DoorBot means you're connected to your door--the portal to your abode--24/7. Beyond just seeing who's knocking, the $199 unit can be paired with Lockitronto provide keyless entry (buy them together for $349).

Back to that online shopping conundrum: Expecting a package while you’re at work? Confirm the delivery guy's identify, buzz him in so he can leave it inside, and use the camera to watch him leave--all through the app. The DoorBot even has night vision, so you can always see who's dropping by, even after hours or in a dark entryway. It can be hardwired where your old doorbell lived, or run on an internal lithium polymer battery that only needs to be recharged annually. The free app works with both Apple and Android phones, and the unit is built to stand up to extreme weather. It’s now being sold in more than 60 countries.

It is also going live on the Staples Connect system, which allows you to unite all of your Internet of things in one app and it allows you to piece together the system with only the hardware and services you love, rather than using an out-of-box solution that one company put together.

Siminoff says.

"Homeowners don't want to spend a fortune on a comprehensive system, and now they don't need to. DoorBot provides convenience and safety for when you're at home, and peace of mind for when you're away."

COMMENTARY: I absolutely love Doorbot because it solves a real need in the marketplace: Knowing who visits the front door of your house when you are not home, and being able to do something about it.

If you expect a package or an important visitor to show up at your front door, and you will not be home, this is your backup plan and a damn good one. If it is a bad guy, they are immediately put on notice that you saw them and heard them. This reduces the likelihood that they wlll break into your house. At $199, you cannot beat that price for piece of mind.

With security systems and services like ADT, you must pay a one-time upfront fee for installing a security system and a monthly rental fee that will run for a minimum of three to five years. The final costs of an ADT system are many thousands of dollars. Doorbot at $199 is much cheaper and is affordable by all homeowners, a very huge market indeed.

Shame on the Sharks from ABC's Shark Tank TV show for turning down Jamie Siminoff. I would never have accepted money from Kevin O'Leary. O'Leary wanted a 10% royalty and a 10% ownership for the $700,000. The payment of the royalty would end when the $700,000 investment is fully recovered. Here's the YouTube video of Jamie meeting those mean Sharks:

Click To View Video

Jamie did the right thing by pitching Doorbot using crowdfunding, and is now well on his way to generating first year revenues of $7 million. Congratulations Jamie!!

Courtesy of an article dated December 20, 2013 appearing in Fast Company

09/23/2013

"Did you say that some German hackers cracked our iPhone 5S fingerprint reader?"

Just a few days after Apple unveiled its new iPhone with a fingerprint ID scanner, German researchers say they’ve cracked the scanner using a fake rubber print.

The researchers, with the Chaos Computer Club, posted a video on their website showing members of the group’s biometric team defeating Apple’s Touch ID with a fabricated fingerprint created from a photo of a print.

They photographed the print from a glass surface, laser-printed the fingerprint image on a transparency sheet, then smeared it with latex. A similar method was used in 2002 by researchers in Japan to demonstrate the security weaknesses of fingerprint scanners using a gel fingerprint.

Frank Rieger, spokesperson for the CCC, said on the group’s website.

“We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token.”

“The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.”

They explained their process here:

The method follows the steps outlined in this how-to with materials that can be found in almost every household: First, the fingerprint of the enrolled user is photographed with 2,400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1,200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.

Apple added the Touch ID technology to its iPhone 5S in order to allow users to authenticate themselves to their phones to unlock the devices and to make purchases through iTunes by placing their finger on the device’s home button. A laser-cut sapphire crystal and a stainless steel detection ring are the top layers of the home button.

It’s hard to square Apple’s statement with the German researchers demonstration, which showed that a mere photo of a latent print from the skin’s top layer was sufficient to trick the technology.

COMMENTARY: Whether you are a German hacker from the Chaos Computer Club or professional hacker you will need the fingerprint of the original owner of the iPhone 5S in order to crack it and get into that phone. Furthermore, you don't know if the owner used a thumb print, whether it was the right thumb or left thumb, or if they used the fingerprint from another finger. Sure, you could lift a finger print from the glass display of the phone, but you still don't know which finger to use. In any regard, it is still going to be considerable work to get ahold of the correct fingerprint, so you can create a duplicate latex imprint.

An even more interesting question is: Didn't those smart Apple iPhone engineers forsee hackers lifting a fingerprint and creating a latex duplicate fingerprint imprint to crack the fingerprint reader? You would've thought that they would've tried the various methods of cracking a fingerprint and built security preventive measures. Perhaps a fingerprint plus a secret password or pincode.

09/08/2013

The OFF Pocket claims to block all signals so that a cell phone can't be tracked. (Click Image To Enlarge)

ARTISTS BEHIND A LINE OF ANTI-DRONE STEALTH WEAR ARE OPENING FOR BUSINESS.

Artist Adam Harvey has been working with the idea of anti-surveillance for years, creating, for instance, a handbag that thwarts paparazzi with a flash of its own, a series of portraits that fool face-recognition technologies with blocks of makeup and obtrusive hairstyles, and a line of “stealth wear” designed to camouflage its wearers from drones.

A handbag that thwarts paparazzi with a flash of its own. When triggered by a flashing camera, the anti-paparazzi clutch sets off a photo-ruining flash of its own. (Click Image To Enlarge)

The anti-drone scarf will be sold with other projects in Harvey's online store. (Click Image To Enlarge)

In a project called 'CV Dazzle,' Harvey used makeup and hairstyles to confuse face-recognition technology. (Click Image To Enlarge)

But only recently did his projects begin to seem as marketable as they are provocative.

His latest invention, a collaboration with performance wear designer Johanna Bloomfield called “OFF pocket,” is an envelope for cell phones that supposedly blocks all cellular, Wi-Fi, and GPS signals. More than 650 Kickstarter backers have contributed $56,447 to see it be manufactured en mass.

“In the first few years after 9-11, talking about privacy was nearly taboo. Its relevancy was buried in jingoism. Now, privacy is the topic du jour at cafés. Having double identities brings you cache. And a modest amount of paranoia is considered healthy.”

In the wake of OFF Pocket’s success, Harvey is planning to launch an online store called PRCVM (short for “privacy mode”) on December 1. The store will sell the OFF Pocket and other items created for a collaboration with the New Museum store called “the Privacy gift shop.” Some other products from that collection include an “I Love New York” T-shirt that can’t be read by machines ($40), a copper wallet insert that blocks credit cards from RFID scanners ($25), and an anti-Drone scarf ($450).

Harvey says of the camouflage scarf, "I see it more as a tuxedo--which I don’t wear either, very often--but it’s a piece that could be worn if you ever needed to wear it. And it’s available." (Click Image To Enlarge)

The anti-drone scarf demonstrates its camouflaging properties that make the wearer virtually invisible to drones (Click Image To Enlarge)

Many of these projects started without commercial intentions. Before developing the OFF Pocket, for instance, Harvey modified a pair of his own pants with a signalproof pocket and wore them around. The interest those privacy pants generated led him to look at the idea from a product design perspective. Other products, like the anti-drone scarf, remain more art than product. That project's website explains.

"Conceptually, these garments align themselves with the rationale behind the traditional hijab and burqa: to act as 'the veil which separates man or the world from God,' replacing God with drone."

The point of selling the scarf, Harvey says, is partly to raise awareness about privacy issues so that other designers, artists and thinkers can approach them another way.

Harvey's line of anti-drone war masks the wearer's thermal imprint by reflecting heat. (Click Image To Enlarge)

"Conceptually, these garments align themselves with the rationale behind the traditional hijab and burqa: to act as the 'veil which separates man or the world from God,' replacing God with drone," that projects website says. (Click Image To Enlarge)

The anti-drone burqa demonstrates its camouflaging properties which make the wearer virtually invisible to drones. (Click Image To Enlarge)

One already has--but with a very different philosophy. Called HyperStealth Biotechnology Corp, the company makes a fabric it claims can make soldiers completely invisible. It is careful to not sell its full-fledged stealth wear to civilians. Its designer told The Guardian,

"The only people who really don't need to be seen are the ones who are doing something wrong out there."

Harvey, on the other hand, sees his product as a way to explore offsetting military technologies like drones as they inevitably enter everyday life. He says.

“I see it more as a tuxedo--which I don’t wear either, very often--but it’s a piece that could be worn if you ever needed to wear it. And it’s available.”

COMMENTARY: I totally agree with Adam Harvey that these camouflaging products must not be sold to criminals, jihadists and terrorists. If you ask me, this is a no-brainer. These stealth and camouflaging technologies definitely have uses within the U.S. military fighting forces, especially special forces like the U.S. Army Rangers and U.S. Navy Seals, and regular Americans concerned over secret surveillances by our government.

With celebrities and public figures seeking privacy from the paparazzi PCRVM camouflaging apparel and accessories are going to be very popular. And with more Americans concerned that the NSA is conducting secret surveillance of U.S. citizens by tracking their cell phones without regard to their civil rights, under the so-called "authority" of the Patriot Act, the OFF Pocket definitely could fill a real need in the marketplace.

It is absolutely incredible that private citizens now find it necessary to fight back against the unobstructed and illegal surveillance activities of their own government. What kind of country do we live in? Why is President Obama defending the activities of the NSA? We are most definitely not "the land of the free" and a country with "liberty and justice for all."

Courtesy of an article dated September 4, 2013 appearing in Fast Company

Canary may be the self-described “first smart home security device,” but the gadget-and-app duo actually behaves more like an efficient and reassuring house sitter. Unusual movement in your living room? Canary shoots you a text: “Expecting anyone?” Feeling paranoid? “All is calm at home,” Canary can soothe.

Canary, a reassuringly intelligent home security system, launched this week on Indiegogo. (Click Image To Enlarge)

The hardware-and-app system consists of a wide-angle lens camera that stays rooted in the home and software that lets you keep in touch while you’re out. (Click Image To Enlarge)

With a launch on Indiegogo this week, Canary is a somewhat inevitable addition to the home automation market. Like the Nest Thermostat, and some even more recent revisions of lock-and-key hardware, it’s designed to replace the outdated user experience of the traditional home security setup.

Besides unusual activity, Canary can also track temperature, humidity, and air quality for full control over the environment at home. (Click Image To Enlarge)

Canary CEO Adam Sager says.

“Installed systems cost a few thousand dollars, they’re complicated to install, and they’re complicated for users. Ninety-nine percent of alarms are false alarms. That becomes such an annoyance that people turn their security off. To us that’s absolutely crazy.”

The technology gradually adapts to the user. After a learning curve of a week or two, Canary can predict what movements a user might dismiss (say, pets) and what events are cause for alarm. (Click Image To Enlarge)

Bad security systems mean homeowners simply opt out of protecting the house. With that in mind, the Canary team is intent on perfecting the gadget’s sensors for finely tuned pattern recognition. After a week or two of use, the Canary familiarizes itself with the nuances of its home’s sounds and activities. Each cylindrical piece of hardware (The shape calls to mind the Apple’s new Mac Pro--do we smell a trend? ) has a wide-angle lens, and syncs to an app that sends push notifications. It can also live-stream video and audio from the home. When events occur, the user can decide to sound the alarm, call the police, or dismiss the fuss. Each reaction is a learning cue for Canary.

The onslaught of the Internet of Things may bring with it some automated-home fatigue. But if Canary’s campaign succeeds, it brings a crucial feature to market: A renter-friendly way to protect apartments. The mobile system needs zero installation (keeping landlords at bay), and its rather narrow range of vision can still cover the average urban apartment.

Canary will cost $200. See more over at the Indiegogo campaign. (Click Image To Enlarge)

Over time, neighborhoods and streets will develop security profiles. Sager tells Co.Design.

"Once we detect patterns, we hope to inform people about how to stay safe in their surroundings. Then we’re able to empower individuals to control their whole home environment."

COMMENTARY: I like the concept of the Canary smart home security device. It solves a problem that homeowners face every day: protecting their home from burglary. However, the Canary does nothing to prevent illegal entries or intrusions. Unlike home security systems which have sensors at vital entry points like doors and windows, the Canary can only detect intruders after they have entered the home. Another shortcoming of the Canary is coverage. It can only cover one room at a time. In order to cover the entire house, you would need a Canary device in each room. This would increase the overall cost considerably. For these reasons, I don't think that the Canary is a gamechanger. I do like that it is a "smart" internet-connected device, but it requires that you have your mobile device on at all times, and constant check your app. I find this very taxing and a nuisance. For an apartment in an upper floor or condo, with a main entry point, the Canary could be the ideal smart security device, and at $200.00 would beat an alarm system hands down.

07/17/2013

Since September 11th, 2001, the United States government has dramatically increased the ability of its intelligence agencies to collect and investigate information on both foreign subjects and US citizens. Some of these surveillance programs, including a secret program called PRISM, capture the private data of citizens who are not suspected of any connection to terrorism or any wrongdoing.

In June, a private contractor working for Booz Allen Hamilton leaked classified presentation slides that detailed the existence and the operations of PRISM: a mechanism that allows the government to collect user data from companies like Microsoft, Google, Apple, Yahoo, and others. While much of the program — and the rest of the NSA’s surveillance efforts — are still shrouded in secrecy, more details are coming to light as the public, as well as its advocates and representatives, pressure the government to come clean about domestic spying.

The What

What the hell is PRISM? PRISM is a tool used by the US National Security Agency (NSA) to collect private electronic data belonging to users of major internet services like Gmail, Facebook, Outlook, and others. It’s the latest evolution of the US government’s post-9/11 electronic surveillance efforts, which began under President Bush with the Patriot Act, and expanded to include the Foreign Intelligence Surveillance Act (FISA) enacted in 2006 and 2007.

There’s a lot we still don’t know about how PRISM works, but the basic idea is that it allows the NSA to request data on specific people from major technology companies like Google, Yahoo, Facebook, Microsoft, Apple, and others. The US government insists that it is only allowed to collect data when given permission by the secretive Foreign Intelligence Surveillance Court.

Why is PRISM a big deal?

Classified presentation slides detailing aspects of PRISM were leaked by a former NSA contractor. On June 6th, The Guardian and The Washington Post published reports based on the leaked slides, which state that the NSA has “direct access” to the servers of Google, Facebook, and others. In the days since the leak, the implicated companies have vehemently denied knowledge of and participation in PRISM, and have rejected allegations that the US government is able to directly tap into their users' data.

Both the companies and the government insist that data is only collected with court approval and for specific targets. As The Washington Post reported, PRISM is said to merely be a streamlined system — varying between companies — that allows them to expedite court-approved data collection requests. Because there are few technical details about how PRISM operates, and because of the fact that the FISA court operates in secret, critics are concerned about the extent of the program and whether it violates the constitutional rights of US citizens.

CRITICS HAVE QUESTIONED THE CONSTITUTIONAL VALIDITY OF PRISM

Click Image To Enlarge

How was PRISM created?

As The Washington Post reported, The Protect America Act of 2007 led to the creation of a secret NSA program called US-984XN — also known as PRISM. The program is said to be a streamlined version of the same surveillance practices that the US was conducting in the years following 9/11, under President George W. Bush’s “Terrorist Surveillance Program.”

The Protect America Act allows the attorney general and the director of national intelligence to explain in a classified document how the US will collect intelligence on foreigners overseas each year, but does not require specific targets or places to be named. As the Post reports, once the plan is approved by a federal judge in a secret order, the NSA can require companies like Google and Facebook to send data to the government, as long as the requests meet the classified plan's criteria.

Click Image To Enlarge

Who is responsible for leaking PRISM?

Edward Snowden, a 29-year-old intelligence contractor formerly employed by the NSA, CIA, and Booz Allen Hamilton, confessed responsibility for leaking the PRISM documents. He revealed himself on June 9th, three days after reports on PRISM were published; in an interview with The Guardian, Snowden said, “I don’t want to live in a society that does these sort of things,” and claimed he was motivated by civic duty to leak classified information.

Edward Snowden an NSA, CIA and Booz Allen Hamilton intelligence contractor leaked information about the NSA's PRISM surveillance system. Snowden fled the U.S. and is now in Moscow, Russia via Hong Kong waiting for a permanent safe haven (Click Image To Enlarge)

Snowden left the United States prior to leaking the documents in order to avoid capture, taking refuge in Hong Kong — where he stayed until June 23rd. With the assistance of WikiLeaks, Snowden fled Hong Kong for Moscow, and has requested asylum in Ecuador, Russia, and other countries. He is still residing in a Moscow airport, waiting to be granted asylum.

Surveillance systems like this one are located in cities throughout the U.S. (Click Image To Enlarge)

What does the NSA collect?

While PRISM has been the most talked-about story to come out of Snowden’s leaks, the disclosures have shed light on a vast array of NSA surveillance programs. Broadly speaking, these can be split into two categories: “upstream” wiretaps, which pull data directly from undersea telecommunications cables, and efforts like PRISM, which acquire communications from US service providers. One of the slides in the leaked PRISM presentation instructs that analysts “should use both” of these sources.

NSA programs collect two kinds of data: metadata and content. Metadata is the sensitive byproduct of communications, such as phone records that reveal the participants, times, and durations of calls; the communications collected by PRISM include the contents of emails, chats, VoIP calls, cloud-stored files, and more. US officials have tried to allay fears about the NSA’s indiscriminate metadata collection by pointing out that it doesn’t reveal the contents of conversations. But metadata can be just as revealing as content — internet metadata includes information such as email logs, geolocation data (IP addresses), and web search histories. Because of a decades-old law, metadata is also far less well-protected than content in the US.

NSA Programs Collect Two Kinds of Data: Metadata and Content

A leaked court order provided by Snowden showed that Verizon is handing over the calling records and telephony metadata of all its customers to the NSA on an “ongoing, daily basis.” Mass collection of internet metadata began under a Bush-era program called "Stellarwind," which was first revealed by NSA whistleblower William Binney. The program was continued for two years under the Obama administration, but has since been discontinued and replaced with a host of similar programs with names like “EvilOlive” and “ShellTrumpet.”

Click Image To Enlarge

How does the NSA collect data?

Many crucial details on how and under what circumstances the NSA collects data are still missing. Legally speaking, surveillance programs rely on two key statutes, Section 702 of the FISA Amendments Act (FAA) and Section 215 of the Patriot Act. The former authorizes the collection of communications content under PRISM and other programs, while the latter authorizes the collection of metadata from phone companies such as Verizon and AT&T. However, multiple reports and leaked documents indicate the statutes have been interpreted in secret by the FISA intelligence courts to grant much broader authority than they were originally written to allow. They also indicate that the FISA courts only approve the NSA’s collection procedures, and individual warrants for specific targets are not required.

An analyst starts by inputting “selectors” (search terms) into a system like PRISM, which then “tasks” information from other collection sites, known as SIGADs (Signals Intelligence Activity Designators). SIGADs have both classified and unclassified code names, and are tasked for different types of data — one called NUCLEON gathers the contents of phone conversations, while others like MARINA store internet metadata.

Leaked documents show that under the agency’s targeting and “minimization” rules, NSA analysts can not specifically target someone “reasonably believed” to be a US person communicating on US soil. According to The Washington Post, an analyst must have at least “51 percent” certainty their target is foreign. But even then, the NSA’s “contact chaining” practices — whereby an analyst collects records on a target’s contacts, and their contacts’ contacts — can easily cause Americans to be caught up in the process.

The rules state the analyst must take steps to remove data that is determined to be from “US persons,” but even if they are not relevant to terrorism or national security, these “inadvertently acquired” communications can still be retained and analyzed for up to five years — and even given to the FBI or CIA — under a broad set of circumstances. Those include communications that are "reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed," or that contain information relevant to arms proliferation or cybersecurity. If communications are encrypted, they can be kept indefinitely.

NSA headquarters in Fort Meade, Maryland (Click Image To Enlarge)

So, what now?

In the weeks since the PRISM documents leaked, a widespread international public debate about the United States government’s surveillance and spying programs has engulfed the NSA, Congress, and the Obama administration in controversy. While outspoken supporters of NSA surveillance in Congress and the White House —including President Obama — have defended the legality and necessity of the programs, some US lawmakers are pushing back. In June, a bipartisan group of senators unveiled a bill that aims to rein in the problematic legal provisions that give US intelligence agencies nearly unfettered authority to conduct warrantless surveillance on domestic and foreign communications. Several other lawmakers have introduced their own measures, but legislative reform is still in early stages.

Meanwhile, a diverse coalition of interest groups and private organizations are directly challenging some of the NSA’s surveillance programs in court. On July 16th, a broad coalition of plaintiffs sued the US government for “an illegal and unconstitutional program of dragnet electronic surveillance,” in which the NSA scoops up all telephone records handled by Verizon, AT&T, and Sprint in the US. Separate suits brought by the Electronic Privacy Information Center and the American Civil Liberties Union are also in the works, but the government hasn’t responded to the allegations in court yet.

The companies at the heart of PRISM’s controversy are also acting out, but the specific details regarding their involvement in government surveillance on US citizens is still unclear. Microsoft, Google, Yahoo, and others have stepped up pressure on the government in the past month to declassify the process which compels them to hand over user data to the government. In an impassioned plea made by Microsoft on July 16th, the company’s general counsel Brad Smith said: “We believe the US constitution guarantees our freedom to share more information with the public, yet the government is stopping us.”

Finally, there’s the group of people most affected by PRISM and its sibling programs: the American public. On July 4th, “Restore the Fourth” rallies in more than 100 US cities protested the government’s surveillance programs, focusing on electronic privacy. It’s not clear if public outrage will result in reform, but thanks to the dramatic actions of a young intelligence contractor, we now at least have the opportunity to discuss what the US government has been hiding from the public in the name of national security.

COMMENTARY: In a blog post dated April 28, 2011, I told my readers about the National Security Agency (NSA), and what goes on inside that super-secret agency. For a long time, the U.S. government told Americans there was "No Such Agency," and that it would never use the NSA's intelligence gathering capabilities to spy on and gather information about Americans. However, along came the September 11, 2001 terrorist attack on New York's World Trade Center, and over 3,000 Americans died -- the worst death toll on America since the attack on the U.S. Navy fleet in Pearl Harbor on December 7, 1941 by the Japanese.

Click Image To Enlarge

A lot has happened since 9/11. Shortly after the attack on the World Trade Center, George W. Bush formed the Department of Homeland Security and signed into law the USA Patriot Act of 2001, which allowed the federal government unprecedented powers to protect Americans against terrorist attacks and gather intelligence on terrorists and "persons of interest," including unwary innocent Americans.

The act, as a response to the terrorist attacks of September 11th, significantly weakened restrictions on law enforcement agencies' gathering of intelligence within the United States; expanded the Secretary of the Treasury’s authority to regulate financial transactions, particularly those involving foreign individuals and entities; and broadened the discretion of law enforcement and immigration authorities in detaining and deporting immigrants suspected of terrorism-related acts. The act also expanded the definition of terrorism to include domestic terrorism, thus enlarging the number of activities to which the USA PATRIOT Act’s expanded law enforcement powers can be applied.

From broad concern felt among Americans from both the September 11 attacks and the 2001 anthrax attacks, Congress rushed to pass legislation to strengthen security controls. On October 23, 2001, Republican Rep. Jim Sensenbrenner introduced H.R. 3162 incorporating provisions from a previously sponsored House bill and a Senate bill also introduced earlier in the month.The next day on October 24, 2001, the Act passed in the House of Representatives by a vote of 357 to 66, with Democrats comprising the overwhelming portion of dissent. The following day, on October 25, 2001, the Act passed the U.S. Senate by 98 to 1.

Click Image To Enlarge

Opponents of the law have criticized its authorization of indefinite detentions of immigrants; the permission given law enforcement officers to search a home or business without the owner’s or the occupant’s consent or knowledge; the expanded use of National Security Letters, which allows the Federal Bureau of Investigation(FBI) to search telephone, e-mail, and financial records without a court order; and the expanded access of law enforcement agencies to business records, including library and financial records. Since its passage, several legal challenges have been brought against the act, and Federal courts have ruled that a number of provisions are unconstitutional.

Many of the act's provisions were to sunset beginning December 31, 2005, approximately 4 years after its passage. In the months preceding the sunset date, supporters of the act pushed to make its sunsetting provisions permanent, while critics sought to revise various sections to enhance civil liberty protections. In July 2005, the U.S. Senate passed a reauthorization bill with substantial changes to several sections of the act, while the House reauthorization bill kept most of the act's original language. The two bills were then reconciled in a conference committee that was criticized by Senators from both the Republican and Democratic parties for ignoring civil liberty concerns.

The bill, which removed most of the changes from the Senate version, passed Congress on March 2, 2006, and was signed into law by President George W. Bush on March 9 and 10, 2006.

The Role of Social Networks In National Security

Click Image To Enlarge

In a blog post dated January 26, 2012, I told my readers about the FBI's plans to develop a social network monitoring system to track our social media activities. Internet users already post a huge amount of personal and private information about themselves online, especially on their social network profile pages. For the Department of Homeland Security tapping into the the vast amount of information available on social networks was a no-brainer

The Central Intelligence Agency has also joined the FBI in tapping into the huge amount of data we post on social networks. In a blog post dated January 26, 2012, I told readers that Facebook was basically a front for the CIA. Can there be any doubt? If you are still skeptical, checkout this video and listen to what CIA Deputy Director Christopher Sartinsky had to say about the value of Facebook to the CIA before a Senate national security subcommittee.

Click To View Video

In January 2012, Facebook appointed Erskine Bowles, president emeritus of the University of North Carolina and a former chief of staff to President Bill Clinton, to its board of directors. Mr. Bowles replaced former Clinton Chief of Staff Daniel Pineta, when President Clinton appointed Pineta as CIA Director. Pineta later served as CIA Director under George Bush and briefly under President Barack Obama. If there is any doubt that the CIA has tightened its grip around Facebook, just look at this picture. That's right, it's President Obama reminding Facebook CEO and co-founder Mark Zuckerberg, who is the boss.

Facebook CEO and Co-Founder hopnobs with President Barack Obama at a dinner of Silicon Valley executives during his second term campaign (Click Image To Enlarge)

05/15/2013

Still in its test phase, Google Glass may be dorked to death before it gets the opportunity to take off. Here, marketing players from a range of agencies provide their assessment of Glass’s chances and some suggestions for paving the way to mainstream success.

Google’s much-hyped wearable computer, Google Glass, has been touted by the tech elite as one of the leaps forward of recent times, but those same elites may hobble mainstream adoption of the device.

While privacy concerns have blossomed (the device may be on its way to being banned at a number of locations), it may comfort those worried that we are all about to become spies for Google that the early adopters of Google Glass are helping to give it an image problem it might not recover from.

"For paraplegics and quadriplegics, Glass could be a stunningly useful way to get information and interact with it."

The futuristic-looking headset can augment our everyday reality by putting data in our field of vision as well as allowing us to take pictures, and translating the spoken word on the move. But unfortunately, it also appears to have unintended contraceptive powers, as illustrated by this Tumblr featuring members of its decidedly unhip core fanbase.

It’s all very well having wearable technology that lets you livestream yourself hang gliding. But if it has all the sex appeal of orthodontic headgear, it’s unlikely to catch on. Google’s Glass Explorer program has put Google Glass in the hands and on the heads of developers and tech pundits who Google has selected to test it and have paid $1,500. Google chief executive Larry Page has indicated that the product won’t be in stores for about another year, by which time it may be hard to separate it from its association with tech fanatics.

Arguably, success in wearable technology hinges on making people look and feel good as much as providing a functional service. Developers might be happy to fork vast sums for the privilege of being a Google Glass owner, but when the product goes to mass market, fashion, or at least some sort of coolness and covetability will be as critical as functionality.

Tech pundit Robert Scoble wrote a glowing review about the augmented reality glasses and said, "I will never live a day without them." He then showed off a picture of himself showering while wearing the glasses. Google co-founder Sergey Brin looking cool wearing a pair of Google Glass AR glasses onboard a bus (Click Image To Enlarge)

With this in mind, we asked five marketing experts: How would you position Google Glass to make sure it achieves mainstream success?

Google is embracing its influencers. Make no mistake though--they aren’t just going after the nerds. They are strategic in who they’ve invited to their Glass Explorers program, an influencer program that allows a handpicked group to use the first generation of Google Glass. Google has carefully curated a group of people who sit at the intersection of nerd and celebrity. For example, tech celebrity Soraya Darabi, among others. People like her not only bring their passion for technology but also their massive audiences (500K+ followers in the case of Soraya) into the conversation.

California Lieutenant Governor Gavin Newsom, and former mayor of San Francisco, tries the glasses on Current TV (Click Image To Enlarge)

There’s incremental innovation and there’s wow-your-pants-off innovation. Google Glass is in the latter category. We tried it on last week at Google and it was pretty amazing. Mainstream success will happen as it expands the breadth of its audience and also as its simplifies its technology. What we’ll end up with in a few years is just a tiny camera that we’ll be able to attach to any eyewear. To the broader point, wearable technology is the future. Making it as nerdy as possible at the outset is a smart strategic move to get those who will engage most with the glasses to develop their capabilities and advance them to a place of general adoption. It should be no surprise that Google has already developed a partnership with Warby Parker. The aesthetic will change over time, and this will be one of the many norms of wearable tech.

The Google Glass initial approach has focused on driving exclusivity in select communities. And they’ve nailed it. In the next stage, I’d focus on creating desire by introducing a library of plain interesting to bizarre applications of Glass. Think government, music, Hollywood, retail partnerships--maybe even an episode of Family Guy with Stewie touting Glass.

When we look at the challenge of extending Google Glasses out of nerdom, we believe that the challenge is first, one of execution and second, one of positioning and targeting.

First, in terms of execution, Google Glasses inherently plays in two worlds--fashion and technology--and they haven’t created “cool kid” lust in either area. It is neither an incredible fashion accessory that you would want to wear, nor is it a beautiful or obviously useful gadget that you would want to own.

Second, in terms of positioning and targeting, today Google Glasses is seen as a barrier to social engagement as opposed to an enabler. While it may make your world more exciting and dynamic (as the promotional video might suggest), it does not currently enhance socialization nor have they shown how the value of the glasses increases with additional users (there is currently no clear Network Effect).

Now for our gross generalization about nerds versus everyone else. Nerds actively look to create barriers to protect them from the world, mitigate social engagement, and connect through virtual worlds (thinkWorld of Warcraft). In this context, Google Glasses are the ultimate tool for nerds to add a layer of protection between them and others and potentially seal the fate of Google Glasses as something that only the geekiest of the geeks would ever want to wear (or even own).

I love Google. It gives me convenient access to a world of information and that’s something I want. I don’t love their glasses, because they don’t give me what I want. What I want is my glasses. If you’ve ever chosen a pair of glasses you’ll know how long it takes, how many opinions you seek, how many photos you’ve texted and images of celebrities you’ve looked at, be they fashion, sport or sunglasses. What I want is the Google I love, in the glasses I love. I want Google in my glasses.

Open APIs, products as platforms, and cocreation are the norm for tech companies. There is no way Apple or Android could have brought the level of innovation needed to create so many apps personalized to individual needs. Just because Google Glass is a physical product doesn’t mean Google should change the approach to creating the range of glasses needed to facilitate individual tastes.

To facilitate this, we’d build a platform allowing us to work with a range of individuals and the people who make their glasses. These people would range from well-known celebrities in fashion and sport, to everyday style leaders. The content generated across the journey from inception, build, and trial to launch would provide both broadcast content and ways to engage.

Google in Bradley Wiggins’s glasses: We follow the journey of Bradley and his glasses climaxing at the start of the Tour de France. Google in Elton John’s glasses: No one has more glasses than Elton John; he’s given us a hundred of his best to create a range of Google glasses and we’re going to find the perfect person for each of them. You get the picture. Google in P.Diddy’s glasses. Google in Sven Göran Eriksson’s glasses. Google in Victoria Beckham’s sunglasses.

If you try on anyone else’s glasses, you look like a nerd; that’s just a law of the universe. If you don’t believe me, try it. What I need is Google in my glasses.

It’s a challenge, specifically because of the stigma that was quickly attached to them. Putting aside all flaws in its physical appearance, it would be ideal to tap into how people would realistically use them day to day. Very few people are going be wearing them ALL the time, but there are times when it would be useful to have a device such as this and also have complete use of your hands. We all assume that our mobile devices have no boundaries, but there are instances when we are apprehensive about having them on our person. I think that utilizing those moments is the sweet spot for this product. It’s a more useful Go-Pro and those are wildly popular within their specific usage, which is quite broad. There’s no real need for these beyond enjoyment, and so it would be wise to illustrate the truly hands-free experiences that surround the product beyond the dorkiness we’ve experienced already. At least they’re not as cumbersome as a Segway.

Yes, white middle-aged men love Google Glass. Is it a problem? Of course not. Wearable tech has hardly fallen down Geoffrey Moore’s chasm. We’re seeing early adoption, and in tech (if we’re not counting Pinterest), white men from the Valley with disposable income tend to be first in, first out. And that didn’t stop iPads, laptops, or the mobile phone from reaching mass adoption. Yes, Robert Scoble in the shower is frightening. But take a breath. Google has already tapped Warby Parker, who I personally trust in putting things on my face, and I think Google Glass (in one iteration or another) is here to stay.

COMMENTARY:

What Tech Guru's Are Saying About Google Glass

I am discounting by about 95% the positive comments made by most of the above technology pundits, expecially some of the above VC's in favor of what other technology pundits are saying:

Marcus Wohlsen, a tech reporter for Wired, on May 2, 2013, gave some hints that Google Glass could end in failure by making these comparisons:

“The Segway. The Bluetooth headset. The pocket protector.”

Rebecca Greenfield of The Atlantic, called the secret photo-taking application a “privacy nightmare,” and she also said:

Privacy and security have become major concerns and as the list of concerned protesters continues to grow, we began to wonder: Where will we be most likely to see this Glass resistance moving forward? This is a short list of businesses and places who will ban Google Glass:

Movie theaters and concert venues - It's interesting to consider what Glass could do for film piracy and that annoying guy in front of you who waved his phone snapping photos through an entire two-hours concert. But these are two of the most obvious examples of places that traditionally prohibit cameras.

Public schools - Or nurseries, or playgrounds. Really, anywhere with an influx of children is going to be a potential hotbed of legal headaches.

Behind the wheel - The West Virginia legislators' attempt to ban Glass while driving will inevitably gain favor within other states, which will likely include many of the country's 39 states and Washington, D.C., where texting while driving is prohibited.

Hospitals - Hospitals house boatloads of some of our most personal data, including medical records and insurance information. A stray paper or tilted clipboard could easily find its way into a Glass photo.

Banks and ATMs - Similar to the hospital example, it's not unfathomable to imagine a Glass-clad someone hovering a little too close to your left shoulder to peep a glance at (not to mention a photo of) your credit card.

Dressing rooms, locker rooms, and other rooms with people who are potentially naked - Think everywhere from department stores to your gym to strip clubs.

I might also add to the above list:

Law enforcement - The police will absolutely hate Google Glass. They don't want you recording their every move and what they say, because this could be used against them in court.

Courts rooms - Court rooms often ban photographers from their court rooms, especially high-profile and controversial cases. This is often necessary in order to protect the identity of the jurors and individuals making testimony.

Military bases - Any military personnel on military bases who enter or work in highly classified and secured areas will definitely be banned from wearing Google Glass.

Schools and colleges - Google Glass will definitely be banned from the classroom. Instructors will be weary of students who might use Google Glass to teach on tests.

On the other hand, I can definitely see immigration inspectors, airline security, law enforcement and even retailing establishments benefiting from Google Glass, in helping them identify criminals, security risks, people of interest and shoplifters before they commit crimes. Companies that want to protect their valuable intellectual property as a matter of practice will ban Google Glass.

In my opinion, any technology that raises the high level of privacy and security concerns and could lead to consumer litigation potentially in the billions, has a huge PR image and this has the ability to permanently damage or destroy a brand. This is what I see happening with Google Glass. If Google wants to market Google Glass to the masses, they will have to severely limit or block its use in certain situations.

Google needs to be careful that it does not damage its own brand reputation as the company whose motto is: "Don't Be Evil." Google Glass has the potential to turn Google into the feared "Big Brother," that Steve Jobs warned us about when he tried to portray IBM as "Big Brother" in the famous TV commercial. The company has to be very careful how they launch Google Glass. The company has a social responsibility to uphold (its motto) and it should not take us for granted. The small cadre of tech geeks and very early adopters who now love and applaud Google Glass as the next big thing, may later learn to hate if they are not too careful.

I keep hearing that Google Glass represents the next evolution of the social network. Bringing the social network experience into the real world and sharing what we see and do with others. Is this what Google (and Facebook) really wants? God help us if this is where social networks are headed. I don't want that kind of "social media experience" biting me in the butt, and I am sure you don't either. Left to its own accord, without any controls, I believe that Google Glass crosses a line in the sand where our privacy is not only violated, but completely destroyed. We lose our individuality as human beings, and we become an open book to anyone and everyone.